adamyordan / offbyslash-django-dumperLinks
A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
☆24Updated 3 years ago
Alternatives and similar repositories for offbyslash-django-dumper
Users that are interested in offbyslash-django-dumper are comparing it to the libraries listed below
Sorting:
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- This is the Go Server that relays all HTTP requests and responses between clients.☆28Updated 2 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Updated 7 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Updated 6 years ago
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆31Updated 6 years ago
- ☆32Updated 6 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 3 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Updated 7 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 4 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Updated 6 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- A multi-processed, multi-threaded scanner to discover web directories on multiple URLs.☆21Updated 6 years ago
- PHP tool to test XSS☆22Updated 6 years ago
- Finds Directory Listings or open S3 buckets from a list of URLs☆52Updated 4 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 6 years ago
- Plattform to develop and experiment with existing java web attacks.☆31Updated 7 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Updated 6 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Clickjacking PoC Generator☆35Updated 5 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35Updated last year
- URL-encode data streams via commandline☆14Updated 6 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆86Updated 2 years ago
- A tool to evaluate Content Security Policies.☆71Updated 5 years ago
- Auto Recon Bash Script☆31Updated 11 months ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Updated 8 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Updated 5 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆20Updated 3 years ago
- Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.☆63Updated 6 years ago